From ee02cbcfb07c7322b93399c80e50acd2b975ccbd Mon Sep 17 00:00:00 2001 From: malarvizhi Date: Thu, 18 Mar 2021 00:40:11 -0700 Subject: Fix weak cryptography issues Issue-ID: OPTFRA-927 Signed-off-by: Malarvizhi Paramasivam Change-Id: I9e48f7313a7f76bd431e17cebfc3c52bc7f91bda --- .../optimizer/common/PropertiesManagement.java | 14 +++++----- .../META-INF/resources/swagger/swagger.json | 2 +- .../onap/optf/cmso/utilities/PropertiesAdmin.java | 10 ++++++++ .../optf/cmso/common/PropertiesManagement.java | 8 +++--- .../META-INF/resources/swagger/swagger.json | 30 +++++++--------------- .../optf/cmso/common/PropertiesManagement.java | 11 ++++---- .../META-INF/resources/swagger/swagger.json | 2 +- .../optf/cmso/common/PropertiesManagement.java | 7 ++--- .../META-INF/resources/swagger/swagger.json | 2 +- 9 files changed, 41 insertions(+), 45 deletions(-) diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/optimizer/common/PropertiesManagement.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/optimizer/common/PropertiesManagement.java index 6bf0ee8..a638d99 100644 --- a/cmso-optimizer/src/main/java/org/onap/optf/cmso/optimizer/common/PropertiesManagement.java +++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/optimizer/common/PropertiesManagement.java @@ -54,7 +54,6 @@ public class PropertiesManagement { private static final String transformation = algorithm + "/" + cipherMode + "/" + paddingScheme; private static final SecureRandom random = new SecureRandom(); - @Autowired Environment env; @@ -100,10 +99,9 @@ public class PropertiesManagement { private static final String encrypt(String key, String value) { try { - - byte[] bytesIV = new byte[16]; - random.nextBytes(bytesIV); - IvParameterSpec iv = new IvParameterSpec(bytesIV); + byte[] bytesIV = new byte[12]; + random.nextBytes(bytesIV); + IvParameterSpec iv = new IvParameterSpec(bytesIV); SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); Cipher cipher = Cipher.getInstance(transformation); cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); @@ -119,10 +117,10 @@ public class PropertiesManagement { private static final String decrypt(String key, String encrypted) { try { - byte[] bytesIV = new byte[16]; + byte[] bytesIV = new byte[12]; random.nextBytes(bytesIV); - IvParameterSpec iv = new IvParameterSpec(bytesIV); - SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); + IvParameterSpec iv = new IvParameterSpec(bytesIV); + SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); Cipher cipher = Cipher.getInstance(transformation); cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); byte[] original = cipher.doFinal(Base64.getDecoder().decode(encrypted)); diff --git a/cmso-optimizer/src/main/resources/META-INF/resources/swagger/swagger.json b/cmso-optimizer/src/main/resources/META-INF/resources/swagger/swagger.json index f260bb1..1a25cf1 100644 --- a/cmso-optimizer/src/main/resources/META-INF/resources/swagger/swagger.json +++ b/cmso-optimizer/src/main/resources/META-INF/resources/swagger/swagger.json @@ -1,7 +1,7 @@ { "swagger" : "2.0", "info" : { - "version" : "2.3.1-SNAPSHOT", + "version" : "2.3.2-SNAPSHOT", "title" : "cmso-optimizer" }, "basePath" : "/optimizer", diff --git a/cmso-optimizer/src/test/java/org/onap/optf/cmso/utilities/PropertiesAdmin.java b/cmso-optimizer/src/test/java/org/onap/optf/cmso/utilities/PropertiesAdmin.java index f5adb6f..da7bfbe 100644 --- a/cmso-optimizer/src/test/java/org/onap/optf/cmso/utilities/PropertiesAdmin.java +++ b/cmso-optimizer/src/test/java/org/onap/optf/cmso/utilities/PropertiesAdmin.java @@ -20,6 +20,9 @@ package org.onap.optf.cmso.utilities; import org.onap.optf.cmso.optimizer.common.PropertiesManagement; +import static org.junit.Assert.assertEquals; +import static org.junit.jupiter.api.Assertions.assertAll; +import org.junit.jupiter.api.Test; /** * The Class PropertiesAdmin. @@ -44,5 +47,12 @@ public class PropertiesAdmin { } System.out.println(args[0] + " : " + value); } + @Test + public void testEncryptionDecryption() + { + String encryptedInputData = PropertiesManagement.getEncryptedValue("Hello"); + String decryptedData = PropertiesManagement.getDecryptedValue(encryptedInputData); + assertEquals(decryptedData,"Hello"); + } } diff --git a/cmso-service/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java b/cmso-service/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java index 3f7a808..1b6488f 100644 --- a/cmso-service/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java +++ b/cmso-service/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java @@ -99,8 +99,8 @@ public class PropertiesManagement { } private static final String encrypt(String key, String value) { - try { - byte[] bytesIV = new byte[16]; + try{ + byte[] bytesIV = new byte[12]; random.nextBytes(bytesIV); IvParameterSpec iv = new IvParameterSpec(bytesIV); SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); @@ -118,8 +118,8 @@ public class PropertiesManagement { private static final String decrypt(String key, String encrypted) { try { - byte[] bytesIV = new byte[16]; - random.nextBytes(bytesIV); + byte[] bytesIV = new byte[12]; + random.nextBytes(bytesIV); IvParameterSpec iv = new IvParameterSpec(bytesIV); SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); Cipher cipher = Cipher.getInstance(transformation); diff --git a/cmso-service/src/main/resources/META-INF/resources/swagger/swagger.json b/cmso-service/src/main/resources/META-INF/resources/swagger/swagger.json index eb563ad..16b69b8 100644 --- a/cmso-service/src/main/resources/META-INF/resources/swagger/swagger.json +++ b/cmso-service/src/main/resources/META-INF/resources/swagger/swagger.json @@ -1,7 +1,7 @@ { "swagger" : "2.0", "info" : { - "version" : "2.3.1-SNAPSHOT", + "version" : "2.3.2-SNAPSHOT", "title" : "cmso-service" }, "basePath" : "/cmso", @@ -774,25 +774,15 @@ "format" : "int32", "description" : "Maximum number of VNF changes to schedule concurrently" }, - "changeWindows" : { - "type" : "array", - "description" : "Lists of desired change windows to schedule the elements.", - "items" : { - "$ref" : "#/definitions/Change Window" - } - }, - "policies" : { - "type" : "array", - "description" : "List of the policies to control optimization.", - "items" : { - "$ref" : "#/definitions/Supported Policy Information" - } + "policyId" : { + "type" : "string", + "description" : "Name of schedule optimization policy used by the change management cmso optimizer to determine available time slot" }, - "elements" : { + "vnfDetails" : { "type" : "array", "description" : "Lists of the VNFs to be changed and the desired change windows", "items" : { - "$ref" : "#/definitions/Optimizer Element" + "$ref" : "#/definitions/VNF Details" } } }, @@ -803,16 +793,14 @@ "properties" : { "startTime" : { "type" : "string", - "format" : "date-time", - "description" : "Earliest time for which changes may begin." + "description" : "Earliest time that a set of changes may begin." }, "endTime" : { "type" : "string", - "format" : "date-time", - "description" : "Latest time by which all changes must be completed." + "description" : "Latest time by which all changes must be completed" } }, - "description" : "Time window for which tickets are to returned" + "description" : "Time window within which the scheduler optimizer can schedule the changes for the group of NVFs" }, "CmDetailsMessage" : { "type" : "object", diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java b/cmso-ticketmgt/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java index c36a587..e34a73d 100644 --- a/cmso-ticketmgt/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java +++ b/cmso-ticketmgt/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java @@ -100,9 +100,9 @@ public class PropertiesManagement { private static final String encrypt(String key, String value) { try { - byte[] bytesIV = new byte[16]; - random.nextBytes(bytesIV); - IvParameterSpec iv = new IvParameterSpec(bytesIV); + byte[] bytesIV = new byte[12]; + random.nextBytes(bytesIV); + IvParameterSpec iv = new IvParameterSpec(bytesIV); SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); Cipher cipher = Cipher.getInstance(transformation); cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); @@ -118,9 +118,8 @@ public class PropertiesManagement { private static final String decrypt(String key, String encrypted) { try { - - byte[] bytesIV = new byte[16]; - random.nextBytes(bytesIV); + byte[] bytesIV = new byte[12]; + random.nextBytes(bytesIV); IvParameterSpec iv = new IvParameterSpec(bytesIV); SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); Cipher cipher = Cipher.getInstance(transformation); diff --git a/cmso-ticketmgt/src/main/resources/META-INF/resources/swagger/swagger.json b/cmso-ticketmgt/src/main/resources/META-INF/resources/swagger/swagger.json index 3cac0bb..0f077e0 100644 --- a/cmso-ticketmgt/src/main/resources/META-INF/resources/swagger/swagger.json +++ b/cmso-ticketmgt/src/main/resources/META-INF/resources/swagger/swagger.json @@ -1,7 +1,7 @@ { "swagger" : "2.0", "info" : { - "version" : "2.3.1-SNAPSHOT", + "version" : "2.3.2-SNAPSHOT", "title" : "cmso-ticketmgt" }, "basePath" : "/ticketmgt", diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java b/cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java index 8af1aea..518ce0c 100644 --- a/cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java @@ -49,6 +49,7 @@ public class PropertiesManagement { private static final String transformation = algorithm + "/" + cipherMode + "/" + paddingScheme; private static final SecureRandom random = new SecureRandom(); + @Autowired Environment env; @@ -93,7 +94,7 @@ public class PropertiesManagement { private static final String encrypt(String key, String value) { try { - byte[] bytesIV = new byte[16]; + byte[] bytesIV = new byte[12]; random.nextBytes(bytesIV); IvParameterSpec iv = new IvParameterSpec(bytesIV); SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); @@ -111,9 +112,9 @@ public class PropertiesManagement { private static final String decrypt(String key, String encrypted) { try { - byte[] bytesIV = new byte[16]; + byte[] bytesIV = new byte[12]; random.nextBytes(bytesIV); - IvParameterSpec iv = new IvParameterSpec(bytesIV); + IvParameterSpec iv = new IvParameterSpec(bytesIV); SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); Cipher cipher = Cipher.getInstance(transformation); cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); diff --git a/cmso-topology/src/main/resources/META-INF/resources/swagger/swagger.json b/cmso-topology/src/main/resources/META-INF/resources/swagger/swagger.json index c6aeba7..a5abc3f 100644 --- a/cmso-topology/src/main/resources/META-INF/resources/swagger/swagger.json +++ b/cmso-topology/src/main/resources/META-INF/resources/swagger/swagger.json @@ -1,7 +1,7 @@ { "swagger" : "2.0", "info" : { - "version" : "2.3.1-SNAPSHOT", + "version" : "2.3.2-SNAPSHOT", "title" : "cmso-topology" }, "basePath" : "/topology", -- cgit 1.2.3-korg